/*
 * Copyright (c) 2018-2999 湖南洛云网络科技有限公司 All rights reserved.
 *
 * https://www.gz-yami.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */

package com.yami.shop.security.multishop.config;

import com.yami.shop.security.comment.filter.YamiAuthenticationProcessingFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import java.util.List;

/**
 * @author LGH
 */
@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {


    @Autowired
    private List<YamiAuthenticationProcessingFilter> yamiAuthenticationProcessingFilters;

    @Override
    public void configure(HttpSecurity http) throws Exception {
        yamiAuthenticationProcessingFilters.forEach((yamiAuthenticationProcessingFilter)
                -> http.addFilterBefore(yamiAuthenticationProcessingFilter, UsernamePasswordAuthenticationFilter.class));

        http.cors(Customizer.withDefaults())
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                .and()
                .requestMatchers().anyRequest()
                .and()
                .anonymous()
                .and()
                .authorizeRequests()
                .antMatchers(
                        "/webjars/**",
                        "/swagger/**",
                        "/order/delivery/**",
                        "/KdApi/Search/**",
                        "/admin/area/list",
                        "/shop/paySms/paySmsCallback/*",
                        "/v2/api-docs",
                        "/doc.html",
                        "/swagger-ui.html",
                        "/swagger-resources/**",
                        "/captcha.jpg",
                        "/order/refund/result/**",
                        "/sys/webConfig/getActivity").permitAll()
                .and()
                .authorizeRequests();
//                //配置所有访问控制，必须认证过后才可以访问
//                .antMatchers("/**").authenticated();
    }

}
